Snort behind an initial firewall

  • Trying to configure snort on PFsense when the pfsense box is behind an initial firewall.

    The setup is the ISP Internet connection comes in a  first router and some Internet traffic is directed to the PFSense box hosting snort.  Essentially the PFsense box is receiving the internet via a WAN connection and a gateway to the PFsense box/Lan which is

    The issue is snort blocks the traffic from, since i presume,  it thinks it is an invalid IP.  How can I tell snort to accept all traffic from this IP and gateway but to check it and not lock out the gateway in the process.

    When I turn on Snort it blocks the gateway with various rules coming or going out to an Internet address.

    Thanks for the help!

  • With the timing of your post, it may have nothing to do with being a rear firewall -,60329.45.html

    Many found their WAN IPs blocked regardless of whether they were whitelisted. Uninstall and reinstall seems to fix the problem.

Log in to reply